Secure Coding

Defending JavaScript

Course Learning Objectives

This course is designed for front-end JavaScript developers. By the end of this course, you’ll be able to describe and defend against client-side and server-side cross-site scripting and injection attacks, explain security guidelines for protecting authentication data and implementing access control, protect user sessions, describe and defend against cross-site request forgery and cross-origin sharing, ensure secure communication, and finally, describe best practices for writing secure JavaScript code, protecting data, and implementing a Content Security Policy.


Defending JavaScript is a course for basic and intermediate developers who have some knowledge of application security fundamentals. This course takes a code agnostic approach to secure coding to identify and defend against common risks for front-end JavaScript vulnerabilities. While the focus is on the front-end, there are considerations for back-end security where it applies to the front-end as well. These topics include, cross-site scripting, injection attacks, broken authentication and broken access control, security misconfiguration, and general best practices.


Basic JavaScript Developers, Intermediate JavaScript Developers

Time Required

Tailored learning - 60 minutes total

JVS101S - Defending JavaScript

$139.00 *prices shown in USD Add to Cart or Subscribe your team